heads up: Yubikey 5 series

[madires]

In September security researchers published a paper about a security issue in an Infinion lib used by Yubikey 5 series (firmware version < 5.7). You can read more about it at https://ninjalab.io/eucleak/. The security issue went unnoticed for 14 years! Since you can't perform a firmware update on Yubikeys for security reasons all 5 series keys with a firmware older than 5.7 should be considered insecure, i.e. e-waste. There are reports that Yubikey still sells 5 series keys with the old firmware (https://blog.fefe.de/?ts=99ccc8dc, in German). If you buy a Yubikey 5 series make sure you get one with a new firmware. Yubikey's stance on that issue is very disappointing.

[ebastler]

[...] you can't perform a firmware update on Yubikeys for security reasons [...]

"Nobody can compromise the security of your YubiKey!

...

We have already taken care of that ourselves."

[ataradov]

If you actually read the paper, it is such a non-issue. It requires destruction of the original and hours of processing time. There is no way this can be realistically done in a way the owner would not notice.

It is good to do security research and patch even the most obscure of the issues. But there is no need to panic. The existing devices are plenty safe.

Also, no firmware updates is a requirement for highest levels of certification. This is a feature, not a bug.

[ejeffrey]

If you actually read the paper, it is such a non-issue. It requires destruction of the original and hours of processing time. There is no way this can be realistically done in a way the owner would not notice.

It is good to do security research and patch even the most obscure of the issues. But there is no need to panic. The existing devices are plenty safe.

Also, no firmware updates is a requirement for highest levels of certification. This is a feature, not a bug.

I wouldn't quite say it's a non issue.  Especially for situations requiring the "highest levels of certification", a cloning attack that takes several hours of offline analysis is still a concern.  But it's definitely not something that most people who are using yubikeys for protecting bank accounts from online phishing attacks should worry about. 

The attack requires someone to get your username and password as well as the security key.  So you are already hacked.  The difference with this attack is that if they return your security key (reassembled) they can retain ongoing access even when you have the security key back in your possession.  That like James Bond stuff, but not an attack most of us need to worry about.  For the attackers most of us have to worry about, if they get access once they are going to do whatever damage they are going to do quickly and conspicuously.

[ataradov]

The keys are potted, There is no reassembly, they have pictures of the disassembly process in the whitepaper, it is pretty brutal.

A very sophisticated attacker may create a clone device not based on the Infinion device, but behaving entirely identically using extracted private key. They would need to recreate the package too. But this is really out there. Again, something that needs to be fixed, but nothing you should be immediately worried about.

If this is a concern, it might make sense to leave a physical mark on your key that replaced unit will not be able to replicate accurately.

[SiliconWizard]

I actually have one of these, and after reading the details, I'm not too concerned indeed. But I'll keep that in mind. That's a key that I'll probably replace and toss at some point, but I see no urgency.

[Halcyon]

I'm not concerned. I'm not about to revoke all the older Yubikeys in my organisation because of this. The attack vector is so implausible, in that, if an attacker manages to pull it off and successfully authenticate, you have bigger problems.

I stand by my comment so much that I actually put my own name and reputation against it in a public forum (not this one; LinkedIn)